From 45848ced51a2015cda951d1331f81e484326adbe Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Sat, 29 Jan 2022 15:27:48 +0100
Subject: [PATCH] fix(kube-system): Fix metrics-server unable to scrape nodes

This patch fixes the problem that metrics-server is unable to scrape any
node, because the certificate for that node, doesn't contain its IP
address.

It's resolved by prefer to use the hostname instead, which should also
be more future proof in general.

```
E0129 14:24:37.428987       1 scraper.go:139] "Failed to scrape node" err="Get \"https://192.168.100.10:10250/stats/summary?only_cpu_and_memory=true\": x509: cannot validate certificate for 192.168.100.10 because it doesn't contain any IP SANs" node="node01.k8s01.si-infra.de"
```

References:
https://github.com/kubernetes-sigs/metrics-server/issues/835
---
 infrastructure/kube-system/metrics-server.yaml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/infrastructure/kube-system/metrics-server.yaml b/infrastructure/kube-system/metrics-server.yaml
index 11511062c..e1df0e985 100644
--- a/infrastructure/kube-system/metrics-server.yaml
+++ b/infrastructure/kube-system/metrics-server.yaml
@@ -25,7 +25,12 @@ spec:
       version: 3.7.0
   interval: 5m
   values:
-    replicas: 2
+    replicas: 2a
+    defaultArgs:
+      - --cert-dir=/tmp
+      - --kubelet-preferred-address-types=Hostname,InternalIP,ExternalIP
+      - --kubelet-use-node-status-port
+      - --metric-resolution=15s
     rbac:
       pspEnabled: true
     podDisruptionBudget:
-- 
GitLab